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Field of the Invention 



The present invention relates to a method for collecting 



network usage data for a user, which belongs to the technical field 
of computer network. 



As Internet evolves increasingly, users of Intranet, Internet 
Service Provider (hereinafter referred to as ISP) and broadband 
networks grow rapidly, categories of network service are becoming 
profuse, and network usage is diversified gradually. In such a case, 
operators and managers of network services demand to master user's 
usage of network resources in detail so as to implement more flexible 
accounting, plan reasonably and manage and monitor network 
resources effectively. 

How to obtain user network usage data in an efficient, accurate, 
and real-time manner? Presently, a typical solution is to configure 
a monitoring server, which collects the data related with address, 
port, and traffic in Internet Protocol (hereinafter referred to 
as IP) messages forwarded via routers and, on that basis, performs 
statistics and analysis to obtain network usage data of users. The 
flow is shown in Fig.l. 

Though detailed network usage data can be obtained by using 
a monitoring server, that method has the following disadvantages: 

1. The method requires an additional high-performance server; 
since the data volume to be collected is vast, thus support of mass 
storage devices is required, which increases networking cost. 

2. The method can collect only network resource occupation data 
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such as IP address and port number, but is unable to determine the 
users who occupy the network resources. To support applications 
such as content accounting, further process is required. 

3. The method is poor in real-time feature and thus can't meet 
the demand of real-time applications such as real-time accounting 
and real-time monitoring. 

Summary of the Invention 

An object of the present invention is to provide a method for 
collecting network usage data of a user, which uses association 
between NetStream technology and Remote Authentication Dial-In User 
Service (hereinafter referred to as Radius) Protocol to achieve 
efficient and real-time collection of network usage data of the 
user and provide essential data for network usage-based management 
and accounting. 

The method for collecting network usage data of a user 
according to the present invention comprises the following steps: 

(1) . an access device authenticating and authorizing the user, 
and an Authentication, Authorization and Accounting Server 
(hereinafter referred to as AAA server) recording the user' s network 
resource information authenticated and authorized; 

(2) . a router, during network access, recording network usage 
information, and sending the network usage information to a 
NetStream Collector (hereinafter referred to as NSC) with User 
Datagram Protocol (hereinafter referred to as UDP) messages; 

(3) . the NSC aggregating the collected network usage 
information; 

(4) . the association analysis server performing real-time 
association analysis for the aggregated network usage information 
and the user' s network resource information uploaded from the AAA 
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server to obtain detailed network usage data of the user. 

The access device in the method is any one of LAN switch, access 
server, or IP phone gateway. 

Step (1) in which an access device authenticates and authorizes 
the user and an AAA server records the user's network resource 
information comprises the following steps: 

(1) . the access device sending the user's authentication and 
authorization data to the AAA server; 

(2) . the AAA server analyzing and recording the user's 
authentication and authorization data, and sending the control 
information of network access permission to the access device; 

(3) . the access device allocating resources to the user and 
sending the user's network resource information to the AAA server, 
which records the user's network resource information; 

(4) . the AAA server forwarding the user's network resource 
information to the association analysis server in real time. 

Wherein, the resources allocated by the access device to the 
user comprise: IP address, and start time and stop time of network 
access, as well as bandwidth (optional) . The user' s network resource 
information recorded by AAA server comprises : user ' s account number, 
start time and stop time of network access, IP address, network 
access location, and service attribute. 

In step (2) of the method, the network usage information 
recorded by the router comprises: source IP address, destination 
IP address, source port number, destination port number, number 
of bytes, and timestamp. 

The association analysis in step (4) of the method is : matching 
the IP address and start time and stop time of network access in 
the user's network resource information to the IP address and 
timestamp in the network usage information, to determine the user 
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corresponding to the network usage information. 

The advantage of the method for collecting network usage data 
of a user according to the present invention is: it will not affect 
network usage for the user; in addition, due to the advanced design 
of NetStream, the method will not degrade IP message forwarding 
rate; instead, it may speed up the forwarding rate in certain cases. 
Through aggregation, association, and analysis, the method 
associates isolated network usage information with user's network 
resource information uploaded from the AAA server organically, so 
that it can collect user's network resource usage information in 
real time and record accurately user access to websites (IP 
addresses) , services (port numbers) , and duration and traffic in 
a certain time period. Furthermore, the network usage information 
collected with this method is comprehensive, and the data is compact 
through aggregation; thus the method will not occupy vast storage 
resource. The final network usage data created with this method 
may be oriented to users directly, to meet the data demand of diverse 
applications, such as content accounting, destination IP accounting, 
real-time accounting, network monitoring, and user behavior 
analysis. In addition, the method is advantageous in real-time 
feature and can meet the real-time demand of the majority of 
applications . 

Brief Description of the Drawings 

Fig. 1 is the networking diagram of the commonly used method 
for collecting network usage data presently; 

Fig. 2 is the networking diagram of the method for collecting 
network usage data of a user according to the present invention. 
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The present invention employs the networking solution as shown 
in Fig. 2. Firstly, the access device authenticates and authorizes 
the user, and the AAA server records the user's network resource 
information authenticated and authorized; during network access, 
the router records network usage information and sends the network 
usage information to NSC with UDP messages; the NSC aggregates the 
collected network usage information; the association analysis 
server performs real-time association analysis for the aggregated 
network usage information and the user's network resource 
information uploaded from the AAA server to obtain detailed network 
usage data of the user. 

The access device in the method may be any one of LAN switch, 
access server, or IP phone gateway. 

In the method, the process in which an access device 
authenticates and authorizes the user and an AAA server records 
the user's network resource information is as follows: firstly, 
the access device sends the user 1 s authentication and authorization 
data to the AAA server; the AAA server analyzes and records the 
user ' s authentication and authorization data, and sends the network 
access control information to the access device; the access device 
allocates resources to the user and sends the user's network 
resource information to the AAA server, which records the user's 
network resource information; the AAA server forwards the user's 
network resource information to the association analysis server 
in real time. Wherein, the resources allocated by the access device 
to the user comprise: IP address, and start time and stop time of 
network access, as well as bandwidth (optional) . The user' s network 
resource information recorded by AAA server comprises: user's 
account number, start time and stop time of network access, IP 
address, network access location, and service attribute. 
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In the method, the network usage information recorded by the 
router comprises : source IP address, destination IP address, source 
port number, destination port number, number of bytes, and 
timestamp. 

The association analysis in the method comprises matching the 
IP address and the start time and stop time of network access in 
the user's network resource information to the IP address and the 
timestamp in the network usage information, to determine the user 
corresponding to the network usage information. 



